OSINT Links & Tools
https://www.osinttechniques.com/osint-tools.html
Maltego
https://www.maltego.com/downloads/
Recon-ng
https://github.com/lanmaster53/recon-ng
Google dorks
https://www.abw.gov.pl/download/1/2783/MidlerGarlickiMincewicz-PL.pdf
https://www.exploit-db.com/google-hacking-database
PHP Code saving POST data:
Certificates
https://www.certificate-transparency.org/what-is-ct
https://transparencyreport.google.com/https/certificates
Domains
Name Generation
https://github.com/elceef/dnstwist
Scoring / Ranking
https://www.alexa.com/siteinfo
WHOIS privacy / history
https://whois-history.whoisxmlapi.com
Ageing
https://www.expireddomains.net/
Web Archive
Categorization
BlueCoat: http://sitereview.bluecoat.com/sitereview.jsp
Cisco: http://www.senderbase.org/home
McAfee: http://www.mcafee.com/us/threat-center.aspx
Trend Micro: https://global.sitesafety.trendmicro.com
Websense: http://csi.websense.com
Zscaler: http://zulu.zscaler.com
SE Tools
Evilginx (MITM Phishing Framework)
https://github.com/kgretzky/evilginx2
SET
https://github.com/trustedsec/social-engineer-toolkit
BeEF
https://github.com/beefproject/beef
GoPhish
https://github.com/gophish/gophish
https://docs.getgophish.com/user-guide/
KingPhisher
https://github.com/rsmusllp/king-phisher
https://king-phisher.readthedocs.io/en/latest/
Macro
VBA
Accessing Clipboard
Didier’s resources:
https://videos.didierstevens.com/2016/10/11/training-attacking-with-excel/
https://github.com/DidierStevens/DidierStevensSuite
https://blog.didierstevens.com
Obfuscation
https://github.com/sevagas/macro_pack
https://github.com/bonnetn/vba-obfuscator
EvilClippy (Obfuscation)
https://github.com/outflanknl/EvilClippy
https://outflank.nl/blog/2019/05/05/evil-clippy-ms-office-maldoc-assistant/
Unicorn (Macro generation and more)
https://github.com/trustedsec/unicorn
Macros from remote templates
Metadata
Red Teamer Testing Tools
Wireshark: https://www.wireshark.org
Charles Proxy: https://www.charlesproxy.com
Burp: https://portswigger.net/burp
Server_z
Malware samples
https://www.hybrid-analysis.com/file-collections
https://zeltser.com/malware-sample-sources/ (list)
Defender/Analyst tools
https://videos.didierstevens.com/2020/10/11/oledump-py-plugin_msg_summary/
https://blog.didierstevens.com/programs/oledump-py/
http://www.decalage.info/python/oletools
https://github.com/decalage2/oletools/wiki/olevba
https://gchq.github.io/CyberChef/ (encoder/decoder)
https://code.visualstudio.com/ (Free IDE released by Microsoft)
https://www.automateexcel.com/vba-code-indenter/ (VBA Code Indenter)
https://github.com/MalwareCantFly/Vba2Graph (VBA2Graph)
https://github.com/decalage2/ViperMonkey (VBA Emulation engine written in python)
ASR (Attack Surface Reduction) Rules